Kea issueshttps://gitlab.isc.org/isc-projects/kea/-/issues2023-09-06T15:30:21Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/3036Error while processing command 'config-set': invalid thread pool state change...2023-09-06T15:30:21ZSandeep GagalapallyError while processing command 'config-set': invalid thread pool state change to paused performed by worker threadHello,
I am running into this error when I try to do a `config-reload` of Kea DHCP via Management API.
I don't have issues when I issue `config-get `
Error: invalid thread pool state change to paused performed by worker thread
I hav...Hello,
I am running into this error when I try to do a `config-reload` of Kea DHCP via Management API.
I don't have issues when I issue `config-get `
Error: invalid thread pool state change to paused performed by worker thread
I have this payload in the body
```
{
"command": "config-reload"
}
```
Thank You,
Sandeephttps://gitlab.isc.org/isc-projects/kea/-/issues/2815reservation-del for reservations from JSON config2023-07-17T13:58:21ZSlawek Figielreservation-del for reservations from JSON configTo implement Config Backend Migration #1623, the possibility of deleting host reservations from the JSON configuration is needed.
The reservations will be first inserted into the database and, after that, deleted from the config file.
Un...To implement Config Backend Migration #1623, the possibility of deleting host reservations from the JSON configuration is needed.
The reservations will be first inserted into the database and, after that, deleted from the config file.
Unfortunately, the hosts_cmds hook doesn't have any capabilities to manage the reservations from the configuration file. It supports only database entries.kea2.3.8Slawek FigielSlawek Figielhttps://gitlab.isc.org/isc-projects/kea/-/issues/2749Enable MT in the HA config by default2023-07-17T13:58:22ZFrancis DupontEnable MT in the HA config by default#2402 is only about the core.#2402 is only about the core.kea2.3.7Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/kea/-/issues/2707ability to detect Kea config changes (config-hash-get)2023-07-17T13:58:20ZTomek Mrugalskiability to detect Kea config changes (config-hash-get)There was a [discussion in Porto](https://pad.isc.org/p/porto2022-kea-features-for-stork#L19) about detecting out of bounds configuration changes in Kea. The overall idea is that Stork should be able to detect somewhat easily if Kea's co...There was a [discussion in Porto](https://pad.isc.org/p/porto2022-kea-features-for-stork#L19) about detecting out of bounds configuration changes in Kea. The overall idea is that Stork should be able to detect somewhat easily if Kea's config has changed, e.g. by sysadmin or some external tool.
Couple ideas were discussed:
- storing timestamp of last modification
- using hash
- using monotonic counter
- using journal file or auditlog
The overall idea is that Stork (and other monitoring tools) should be able to reasonably easily answer the question whether configuration was modified or not. It is essential the question/answer should be relatively low cost as Stork and other monitoring tools tend to look at Kea's config frequently (e.g. every 15 seconds) and the config changes are typically rare events.
This requires a short ~design.kea2.4.0Tomek MrugalskiTomek Mrugalskihttps://gitlab.isc.org/isc-projects/kea/-/issues/2677T2 gt T1 warning2023-07-17T13:58:22ZPeter DaviesT2 gt T1 warningT2 gt T1 warning
It may be useful in some configurations that when "renew" time (option 58) has
a value greater than "rebind" time (option 59) to ignore the "rebind" time and
for Kea to emit a warning message.
Users compla...T2 gt T1 warning
It may be useful in some configurations that when "renew" time (option 58) has
a value greater than "rebind" time (option 59) to ignore the "rebind" time and
for Kea to emit a warning message.
Users complain that given such a situation Kea exits with the "DHCP4_PARSER_FAIL"
error message.
[RT #21543](https://support.isc.org/Ticket/Display.html?id=21543)kea2.3.5Thomas MarkwalderThomas Markwalderhttps://gitlab.isc.org/isc-projects/kea/-/issues/2642Generic configuration for containers2023-05-31T10:59:43ZPeter DaviesGeneric configuration for containersA request has been made to be enable the use a generic configuration file when employing Kea HA servers from docker containers.
The difference between the configurations would be the value of the HA "this-server-name" parameter.
Woul...A request has been made to be enable the use a generic configuration file when employing Kea HA servers from docker containers.
The difference between the configurations would be the value of the HA "this-server-name" parameter.
Would it possible to inject this value into the container possibly via an environment variable or some other mechanism.
This may also be useful for employing CB server tags in containers.
[RT #21476](https://support.isc.org/Ticket/Display.html?id=21476)current-stable-2.4https://gitlab.isc.org/isc-projects/kea/-/issues/2543Add feature to ignore RAI Link Selection suboption for subnet selection2023-07-17T13:58:24ZDan TheisenAdd feature to ignore RAI Link Selection suboption for subnet selectionIt seems that some vendors may not allow granular control of the option 82 suboptions which are sent. We should add a configuration parameter that allows clients to choose whether or not the RAI Link Selection suboption (option 82.5) is ...It seems that some vendors may not allow granular control of the option 82 suboptions which are sent. We should add a configuration parameter that allows clients to choose whether or not the RAI Link Selection suboption (option 82.5) is used as the primary source of truth for which subnet to use. Clients need to be able to choose the subnet selection logic that Kea regardless of which vendors they use for routing equipment. The specific client in question is attempting to use option 82.1 to classify packets into specific client classes, and use client classification to determine the subnet which a client has an address assigned from. The subnet specified by the routers in the Link Selection subnet is not necessarily the subnet which the client should use. The client uses Juniper routers as DHCP relays, and Juniper's docs do not shed light on how to specifically disable the Link Selection suboption: https://stage.juniper.net/documentation/us/en/software/junos/subscriber-mgmt-sessions/topics/topic-map/dhcp-option-82-using.html#id-using-dhcp-relay-agent-option-82-information
Users should be able to ignore the Link Selection suboption as a primary source of truth for subnet selection, and instead fall back to the normal subnet selection process that is used when the Link Selection suboption is not present. In this case, the routers still include a giaddr (relay address) in the bootp header that can be used for shared network selection.
(Another proposed solution was flex-option for queries)
[RT#20921](https://support.isc.org/Ticket/Display.html?id=20921)kea2.3.2Dan TheisenDan Theisenhttps://gitlab.isc.org/isc-projects/kea/-/issues/2402multi threading mode enabled by default2023-07-17T13:58:22ZWlodzimierz Wencelmulti threading mode enabled by defaultIt's been some time when we released MT support, and HA+MT. We tested this extensively and code looks stable. Also according to performance tests results, Kea running in MT mode with poorly optimised configuration (incorrect thread count...It's been some time when we released MT support, and HA+MT. We tested this extensively and code looks stable. Also according to performance tests results, Kea running in MT mode with poorly optimised configuration (incorrect thread count and queue size for different backends) is much faster than ST mode.
Making this step before releasing next stable is reasonable thing to do.kea2.3.5Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/kea/-/issues/2288maxsize and maxver should be excluded from the loggers entry in config-get's ...2022-02-16T15:13:45ZAndrei Pavelandrei@isc.orgmaxsize and maxver should be excluded from the loggers entry in config-get's output if destination is not a filemaxsize and maxver are always included in config-get's output and this is a regression (or a feature) gained in Kea 2.1.2. They should be excluded when the output is not a file since they don't make sense in that case.
The behavior is s...maxsize and maxver are always included in config-get's output and this is a regression (or a feature) gained in Kea 2.1.2. They should be excluded when the output is not a file since they don't make sense in that case.
The behavior is similar for other entries. For example, "lease-database" excludes user, password, port when type is memfile.kea2.1.3Razvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/2269Add support for hostnames in configuration files2022-01-27T15:03:34ZDamyan YordanovAdd support for hostnames in configuration filesCurrently, as stated in https://lists.isc.org/pipermail/kea-users/2021-December/003287.html, Kea does not support hostnames in configuration files. With kubernetes in mind, where IP addresses are highly short-lived, supporting hostnames ...Currently, as stated in https://lists.isc.org/pipermail/kea-users/2021-December/003287.html, Kea does not support hostnames in configuration files. With kubernetes in mind, where IP addresses are highly short-lived, supporting hostnames can be a major improvement.
Note that ISC DHCP server does support hostname in configs (https://kb.isc.org/v1/docs/isc-dhcp-44-manual-pages-dhcpdconf#configuring-failover), so some implementation concepts could be borrowed from there.https://gitlab.isc.org/isc-projects/kea/-/issues/2222min-valid-lifetime and max-valid-lifetime not written by config-write2022-01-20T16:24:34ZMaria Hrabosovamin-valid-lifetime and max-valid-lifetime not written by config-writeThe min/max lifetimes in subnets are missing when the configuration is written using `config-write` management API command.
Subnet configuration tested and set using `config-test` and `config-set`:
```
{
"subnet": "192.168.0.0/24",
....The min/max lifetimes in subnets are missing when the configuration is written using `config-write` management API command.
Subnet configuration tested and set using `config-test` and `config-set`:
```
{
"subnet": "192.168.0.0/24",
...
"valid-lifetime": 3600,
"min-valid-lifetime": 3600,
"max-valid-lifetime": 3600,
}
```
Subnet configuration written using `config-write`:
```
{
"subnet": "192.168.0.0/24",
...
"valid-lifetime": 3600,
}
```
_Kea 1.9.6 on CentOS 7_kea2.1.2Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/2086Subnet id limits are not enforced2022-06-23T19:26:12ZPeter DaviesSubnet id limits are not enforcedKea 9.11: According to the ARM "Subnet IDs must be greater than zero and less than 4294967295."
However no configuration error appears to be generated when a subnet with an id greater than this is used?
```
{
"id": 102552...Kea 9.11: According to the ARM "Subnet IDs must be greater than zero and less than 4294967295."
However no configuration error appears to be generated when a subnet with an id greater than this is used?
```
{
"id": 10255255025,
"subnet": "10.0.0.0/24",
"pools": [
{
"pool": "10.0.0.50 - 10.0.0.201" } ]
}
]
```
Subnet id 10255255025 becomes 1665320433.
```
2021-09-01 09:16:29.465 DEBUG [kea-dhcp4.hosts/4035250.140148899886976] HOSTS_CFG_GET_ONE_SUBNET_ID_ADDRESS4 get one host with reservation for subnet id 1665320433 and IPv4 address 10.0.0.160
```
kea-lease4.csv:
```
address,hwaddr,client_id,valid_lifetime,expire,subnet_id,fqdn_fwd,fqdn_rev,hostname,state,user_context
10.0.0.50,98:ee:cb:4c:22:8f,,600,1631520296,1665320433,0,0,,0,
```
[RT #19141](https://support.isc.org/Ticket/Display.html?id=19141)kea2.1.7Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/1866segfault on parameter-less forensic logging2021-05-19T14:26:22ZAndrei Pavelandrei@isc.orgsegfault on parameter-less forensic loggingWhen configuring kea-dhcp[46] with a forensic logging without a "parameters" field, it segfaults.
```json
"hooks-libraries": [
{
"library": "libdhcp_legal_log.so"
}
]
```
`
kea-dhcp6: /usr/include/boost/smar...When configuring kea-dhcp[46] with a forensic logging without a "parameters" field, it segfaults.
```json
"hooks-libraries": [
{
"library": "libdhcp_legal_log.so"
}
]
```
`
kea-dhcp6: /usr/include/boost/smart_ptr/shared_ptr.hpp:728: typename boost::detail::sp_member_access<T>::type boost::shared_ptr<T>::operator->() const [with T = isc::legal_log::BackendStore; typename boost::detail::sp_member_access<T>::type = isc::legal_log::BackendStore*]: Assertion 'px != 0' failed.
`
`
#4 0x00007ffff34e1cf5 in boost::shared_ptr<isc::legal_log::BackendStore>::operator-> (this=0x7ffff3558250 <isc::legal_log::BackendStore::instance()::backend_store>) at /usr/include/boo
st/smart_ptr/shared_ptr.hpp:728
#5 0x00007ffff34decf1 in load (handle=...) at load_unload.cc:52
`
This used to work in 1.9.7.
This is also why system tests are failing on Jenkins.
`parameters` is checked on the first line of `BackendStore::parseFile()`, it returns on null, and the backend store is not instantiated further down below.
```cpp
void
BackendStore::parseFile(const ConstElementPtr& parameters) {
if (!parameters) {
return;
}
[..]
BackendStore::instance().reset(new RotatingFile(path, base, unit, count,
prerotate, postrotate));
}
```kea1.9.8Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/kea/-/issues/1849optimize Subnet::poolOverlaps2023-02-27T15:17:20ZRazvan Becheriuoptimize Subnet::poolOverlapsFalsely reported as copy paste error by Coverity scan:
```
bool
Subnet::poolOverlaps(const Lease::Type& pool_type, const PoolPtr& pool) const {
const PoolCollection& pools = getPools(pool_type);
// If no pools, we don't overlap....Falsely reported as copy paste error by Coverity scan:
```
bool
Subnet::poolOverlaps(const Lease::Type& pool_type, const PoolPtr& pool) const {
const PoolCollection& pools = getPools(pool_type);
// If no pools, we don't overlap. Nothing to do.
if (pools.empty()) {
return (false);
}
// We're going to insert a new pool, likely between two existing pools.
// So we're going to end up with the following case:
// |<---- pool1 ---->| |<-------- pool2 ------>| |<-- pool3 -->|
// F1 L1 F2 L2 F3 L3
// where pool1 and pool3 are existing pools, pool2 is a pool being
// inserted and "F"/"L" mark first and last address in the pools
// respectively. So the following conditions must be fulfilled:
// F2 > L1 and L2 < F3. Obviously, for any pool: F < L.
// Search for pool3. We use F2 and upper_bound to find the F3 (upper_bound
// returns first pool in the sorted container which first address is
// greater than F2). prefixLessThanPoolAddress with the first argument
// set to "true" is the custom comparison function for upper_bound, which
// compares F2 with the first addresses of the existing pools.
PoolCollection::const_iterator pool3_it =
std::upper_bound(pools.begin(), pools.end(), pool->getFirstAddress(),
prefixLessThanFirstAddress);
// upper_bound returns a first pool which first address is greater than the
// address F2. However, it is also possible that there is a pool which first
// address is equal to F2. Such pool is also in conflict with a new pool.
// If the returned value is pools.begin() it means that all pools have greater
// first address than F2, thus none of the pools can have first address equal
// to F2. Otherwise, we'd need to check them for equality.
if (pool3_it != pools.begin()) {
// Go back one pool and check if addresses are equal.
PoolPtr pool3 = *(pool3_it - 1);
if (pool3->getFirstAddress() == pool->getFirstAddress()) {
return (true);
}
}
// If returned value is unequal pools.end() it means that there is a pool3,
// with F3 > F2.
if (pool3_it != pools.end()) {
// Let's store the pointer to this pool.
PoolPtr pool3 = *pool3_it;
// F3 must be greater than L2, otherwise pools will overlap.
if (pool3->getFirstAddress() <= pool->getLastAddress()) {
return (true);
}
}
// If L2 is ok, we now have to find the pool1. This pool should be
// right before the pool3 if there is any pool before pool3.
if (pool3_it != pools.begin()) {
PoolPtr pool1 = *(pool3_it - 1);
// F2 must be greater than L1.
if (pool->getFirstAddress() <= pool1->getLastAddress()) {
return (true);
}
}
return (false);
}
```
checking
```
if (pool3_it != pools.begin()) {
// Go back one pool and check if addresses are equal.
PoolPtr pool3 = *(pool3_it - 1);
if (pool3->getFirstAddress() == pool->getFirstAddress()) {
return (true);
}
}
```
is useless as we also check it on the third comparison:
```
if (pool3_it != pools.begin()) {
PoolPtr pool1 = *(pool3_it - 1);
// F2 must be greater than L1.
if (pool->getFirstAddress() <= pool1->getLastAddress()) {
return (true);
}
}
```
as pool1->getLastAddress() >= pool3->getFirstAddress() == pool1->getFirstAddress() >= pool->getFirstAddress()outstandingRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/1683kea is not accepting custom spaces in option definitions in class2023-04-04T09:50:34ZWlodzimierz Wencelkea is not accepting custom spaces in option definitions in classoptions in kea can be defined in kea standard space `dhcp4` and `dhcp6` or custom spaces e.g.:
```
"option-def": [
{
"array": false,
"code": 242,
"encapsulate": "",
"name": "dls",
"record-types": "",
"space": "X...options in kea can be defined in kea standard space `dhcp4` and `dhcp6` or custom spaces e.g.:
```
"option-def": [
{
"array": false,
"code": 242,
"encapsulate": "",
"name": "dls",
"record-types": "",
"space": "XYZ",
"type": "string"
}
],
```
But Kea accept custom spaces only on global level, returns error with this configuration:
```
client-classes": [
{
"option-def": [
{
"encapsulate": "339",
"code": 43,
"type": "empty",
"name": "vendor-encapsulated-options"
},
{
"code": 2,
"name": "vlanid",
"space": "339",
"type": "uint32",
"record-types": "",
"array": false,
"encapsulate": ""
},
{
"code": 3,
"name": "dls",
"space": "339",
"type": "string",
"record-types": "",
"array": false,
"encapsulate": ""
}
],
"name": "VENDOR_CLASS_339",
"option-data": [
{
"name": "vendor-encapsulated-options"
},
{
"always-send": true,
"data": "123",
"name": "vlanid",
"space": "339"
},
{
"always-send": true,
"data": "sdlp://192.0.2.11:18443",
"name": "dls",
"space": "339"
}
]
}
],
```
Error:
```
2021-01-28 07:16:28.281 INFO [kea-dhcp4.dhcp4/27394.140192072867456] DHCP4_STARTING Kea DHCPv4 server version 1.9.4-git (development) starting
2021-01-28 07:16:28.282 WARN [kea-dhcp4.dhcp4/27394.140192072867456] DHCP4_DEVELOPMENT_VERSION This software is a development branch of Kea. It is not recommended for production use.
2021-01-28 07:16:28.283 ERROR [kea-dhcp4.dhcp4/27394.140192072867456] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /home/wlodek/installed/git/etc/kea/kea-dhcp4.conf, reason: Not allowed option definition for code '2' in space '339' at (/home/wlodek/installed/git/etc/kea/kea-dhcp4.conf:46:21)
2021-01-28 07:16:28.285 ERROR [kea-dhcp4.dhcp4/27394.140192072867456] DHCP4_INIT_FAIL failed to initialize Kea server: configuration error using file '/home/wlodek/installed/git/etc/kea/kea-dhcp4.conf': Not allowed option definition for code '2' in space '339' at (/home/wlodek/installed/git/etc/kea/kea-dhcp4.conf:46:21)
```
Making impossible to have multiple suboptions code `2` for different classes.
full config attached [kea-dhcp4.conf](/uploads/d68a9d83bf876bf2b8dd033f738424da/kea-dhcp4.conf)current-stable-2.4https://gitlab.isc.org/isc-projects/kea/-/issues/1457Pools in example configurations conflict2020-11-16T08:18:24ZAndrei Pavelandrei@isc.orgPools in example configurations conflictI know pools are the first thing an administrator changes in a real environment, but then there are developers who try to come up with a fast local setup and take inspiration from example configurations. And then they stumble upon
`
DHC...I know pools are the first thing an administrator changes in a real environment, but then there are developers who try to come up with a fast local setup and take inspiration from example configurations. And then they stumble upon
`
DHCP6_INIT_FAIL [..] subnet configuration failed: a pool of type IA_PD, with the following address range: 2001:db8::-2001:db8:ff:ffff:ffff:ffff:ffff:ffff overlaps with an existing pool in the subnet: 2001:db8::/32 to which it is being added
`
This is the case for `kea6/all-keys.json`, but there might be others. Pools can be easily changed to not come into conflict, so let's do that.kea1.9.2Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/kea/-/issues/1456Minor bug in inheritance2020-12-09T14:19:27ZFrancis DupontMinor bug in inheritancegetGlobalProperty does not work as expected with Triplet return type so for instance maximum and minimum lifetimes are not inherited from global values when a subnet is added by the configuration backend.
Note when this will be fixed we...getGlobalProperty does not work as expected with Triplet return type so for instance maximum and minimum lifetimes are not inherited from global values when a subnet is added by the configuration backend.
Note when this will be fixed we should be able to get rid of the syntax inheritance i.e. here of deriveParameters.kea1.9.3Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/1454PDExclude example in kea6/all-keys.json is invalid2020-10-16T10:42:33ZAndrei Pavelandrei@isc.orgPDExclude example in kea6/all-keys.json is invalidUsing the pool which contains the `"excluded-prefix"` and `"excluded-prefix-len"` fields found in `all-keys.json` would result in
`
DHCP6_INIT_FAIL failed to initialize Kea server: configuration error using file '/etc/kea-dhcp6.conf': E...Using the pool which contains the `"excluded-prefix"` and `"excluded-prefix-len"` fields found in `all-keys.json` would result in
`
DHCP6_INIT_FAIL failed to initialize Kea server: configuration error using file '/etc/kea-dhcp6.conf': Excluded prefix (48) must be longer than the delegated prefix length (64
`
which, mind you, is also missing a bracket at the end.kea1.9.1Andrei Pavelandrei@isc.orgAndrei Pavelandrei@isc.orghttps://gitlab.isc.org/isc-projects/kea/-/issues/1423Generate tests for syntax entry uniqueness2020-10-20T12:39:47ZFrancis DupontGenerate tests for syntax entry uniquenessThe following discussion from #1102 !928 should be addressed:
- [ ] @marcin started a [discussion](https://gitlab.isc.org/isc-projects/kea/-/merge_requests/928#note_163552): (+3 comments)
> It would be good to extend these tests t...The following discussion from #1102 !928 should be addressed:
- [ ] @marcin started a [discussion](https://gitlab.isc.org/isc-projects/kea/-/merge_requests/928#note_163552): (+3 comments)
> It would be good to extend these tests to have a list of all supported parameters and iterate over them and see if an error is raised when they are duplicated. This test only covers selected ones.kea1.9.1Francis DupontFrancis Duponthttps://gitlab.isc.org/isc-projects/kea/-/issues/1330Add a test mode to the interface configuration parser2020-07-27T08:51:32ZFrancis DupontAdd a test mode to the interface configuration parserSee https://gitlab.isc.org/isc-projects/kea/-/issues/1166#note_148112 for the reason.See https://gitlab.isc.org/isc-projects/kea/-/issues/1166#note_148112 for the reason.kea1.7.10Francis DupontFrancis Dupont